arch: Pointer to local outside scope, CWE-562

Reported by Coverity: if we fail to run the AVX2 version, once
execve() fails, we had already replaced argv[0] with the new
stack-allocated path string, and that's then passed back to
main(). Use a static variable instead.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
Stefano Brivio 2022-04-05 15:18:25 +02:00
parent 2b1fbf4631
commit 0bf6adc886

10
arch.c
View file

@ -22,6 +22,8 @@
* @argv: Arguments from command line
*/
#ifdef __x86_64__
static char avx2_path[PATH_MAX];
void arch_avx2_exec(char **argv)
{
char *p = strstr(argv[0], ".avx2");
@ -29,11 +31,9 @@ void arch_avx2_exec(char **argv)
if (p) {
*p = 0;
} else if (__builtin_cpu_supports("avx2")) {
char path[PATH_MAX];
snprintf(path, PATH_MAX, "%s.avx2", argv[0]);
argv[0] = path;
execve(path, argv, environ);
snprintf(avx2_path, PATH_MAX, "%s.avx2", argv[0]);
argv[0] = avx2_path;
execve(avx2_path, argv, environ);
perror("Can't run AVX2 build, using non-AVX2 version");
}
}